Fix 29 audit findings across all severity tiers

Critical: fix unsquashfs arg order, quote Exec paths with spaces,
fix compare_versions antisymmetry, chunk-based signature detection,
bounded ELF header reads.

High: handle NULL CVE severity, prevent pipe deadlock in inspector,
fix glob_match edge case, fix backup archive path collisions, async
crash detection with stderr capture.

Medium: gate scan on auto-scan setting, fix window size persistence,
fix announce() for Stack containers, claim lightbox gesture, use
serde_json for CLI output, remove dead CSS @media blocks, add
detail-tab persistence, remove invalid metainfo categories, byte-level
fuse signature search.

Low: tighten Wayland env var detection, ELF magic validation,
timeout for update info extraction, quoted arg parsing, stop watcher
timer on window destroy, GSettings choices/range constraints, remove
unused CSS classes, define status-ok/status-attention CSS.
lashman
2026-02-27 22:08:53 +02:00
parent f87403794e
commit e9343da249
27 changed files with 1737 additions and 250 deletions


@@ -22,11 +22,20 @@
<description>Directories to scan for AppImage files.</description>
</key>
<key name="view-mode" type="s">
<choices>
<choice value='grid'/>
<choice value='list'/>
</choices>
<default>'grid'</default>
<summary>Library view mode</summary>
<description>The library view mode: grid or list.</description>
</key>
<key name="color-scheme" type="s">
<choices>
<choice value='default'/>
<choice value='force-light'/>
<choice value='force-dark'/>
</choices>
<default>'default'</default>
<summary>Color scheme</summary>
<description>Application color scheme: default (follow system), force-light, or force-dark.</description>
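
Review bot: With `<choices>` on view-mode and color-scheme, GSettings now rejects a write of any string outside the listed values, so every call site that sets these keys has to use exactly 'grid'/'list' and 'default'/'force-light'/'force-dark'. Check the result of those writes and log a failure instead of discarding it; otherwise a spelling mismatch in the code shows up only as a setting that silently does not persist.
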
@@ -37,6 +46,12 @@
<description>Whether to automatically scan for AppImages when the application starts.</description>
</key>
<key name="detail-tab" type="s">
<choices>
<choice value='overview'/>
<choice value='system'/>
<choice value='security'/>
<choice value='storage'/>
</choices>
<default>'overview'</default>
<summary>Last detail view tab</summary>
<description>The last selected tab in the detail view (overview, system, security, storage).</description>
@@ -57,6 +72,7 @@
<description>Create a config backup before applying an update.</description>
</key>
<key name="backup-retention-days" type="i">
<range min="1" max="365"/>
<default>30</default>
<summary>Backup retention days</summary>
<description>Number of days to keep config backups before auto-cleanup.</description>
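
Review bot: `<range min="1" max="365"/>` on backup-retention-days makes 0 and negative values unrepresentable. If the cleanup code or the preferences UI ever treated 0 as "keep backups forever", that option is gone. State the 1 to 365 range in the `<description>` and give the preferences control the same bounds so it cannot offer a value the schema refuses.
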
@@ -67,6 +83,11 @@
<description>Show a confirmation dialog before deleting AppImages or backups.</description>
</key>
<key name="update-cleanup" type="s">
<choices>
<choice value='ask'/>
<choice value='always'/>
<choice value='never'/>
</choices>
<default>'ask'</default>
<summary>Update cleanup mode</summary>
<description>What to do with old versions after update: ask, keep, or delete.</description>
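
Review bot: The choices on update-cleanup are 'ask', 'always' and 'never', but the `<description>` at the end of this hunk still reads "ask, keep, or delete". Reword it to name the actual values and say which action 'always' and 'never' refer to (always delete old versions, or always keep them), since the wrong reading here removes files the user expected to keep.
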
@@ -82,6 +103,12 @@
<description>Send desktop notifications when new CVEs are found.</description>
</key>
<key name="security-notification-threshold" type="s">
<choices>
<choice value='critical'/>
<choice value='high'/>
<choice value='medium'/>
<choice value='low'/>
</choices>
<default>'high'</default>
<summary>Security notification threshold</summary>
<description>Minimum CVE severity for desktop notifications: critical, high, medium, or low.</description>
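
Review bot: security-notification-threshold now accepts only critical, high, medium or low, and nothing in the key says how a CVE with no severity is treated, which matters because the commit message lists "handle NULL CVE severity". Add a sentence to the `<description>` stating whether unscored CVEs notify at every threshold or at none, so the notification filter and the schema agree on whether the missing value fails open or closed.
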


@@ -51,12 +51,6 @@
<control>pointing</control>
</recommends>
<categories>
<category>System</category>
<category>PackageManager</category>
<category>GTK</category>
</categories>
<keywords>
<keyword>AppImage</keyword>
<keyword>Application</keyword>
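
Review bot: The whole `<categories>` block goes away here, not only the entries judged invalid, so the metainfo no longer carries any category. Confirm the application's .desktop file has a Categories= line covering what System and PackageManager expressed, and run `appstreamcli validate` on the metainfo as part of the build so the next invalid entry is caught before it is committed.
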


@@ -94,6 +94,15 @@ flowboxchild:focus-visible .card {
outline-offset: 3px;
}
/* App card status indicators */
.status-ok {
border: 1px solid alpha(@success_bg_color, 0.4);
}
.status-attention {
border: 1px solid alpha(@warning_bg_color, 0.4);
}
/* Rounded icon clipping for list view */
.icon-rounded {
border-radius: 8px;
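
Review bot: .status-ok and .status-attention each add a 1px border, so unless the base .card rule already sets a border of the same width, cards with a status class end up 2px larger per axis than cards without one. Give the base rule `border: 1px solid transparent;` and let the status classes change only `border-color`. The two states also differ only by colour at 0.4 alpha; pair them with an icon or label so the distinction does not rely on hue.
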
@@ -117,11 +126,6 @@ row:focus-visible {
outline-offset: -2px;
}
/* Badge row in app cards */
.badge-row {
margin-top: 4px;
}
/* Letter-circle fallback icon */
.letter-icon {
border-radius: 50%;
@@ -151,18 +155,6 @@ row:focus-visible {
margin-bottom: 6px;
}
/* Inline ViewSwitcher positioning */
.detail-view-switcher {
margin-top: 6px;
margin-bottom: 6px;
}
/* ===== Quick Action Pills ===== */
.quick-action-pill {
border-radius: 18px;
padding: 6px 16px;
}
/* ===== Compatibility Warning Banner ===== */
.compat-warning-banner {
background: alpha(@warning_bg_color, 0.15);
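
Review bot: Dropping .detail-view-switcher and .quick-action-pill is safe only if no widget still adds those class names, and GTK reports nothing when a widget carries a class with no matching rule. Search the sources for both strings (and for badge-row from the previous hunk) before merging, and remove any remaining calls that add those classes in the same commit.
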
@@ -171,45 +163,6 @@ row:focus-visible {
border: 1px solid alpha(@warning_bg_color, 0.3);
}
/* ===== Dark Mode Differentiation ===== */
@media (prefers-color-scheme: dark) {
.compat-warning-banner {
background: alpha(@warning_bg_color, 0.1);
border: 1px solid alpha(@warning_bg_color, 0.2);
}
}
/* ===== High Contrast Mode (WCAG AAA 1.4.6) ===== */
@media (prefers-contrast: more) {
flowboxchild:focus-visible .card {
outline-width: 3px;
}
button:focus-visible,
togglebutton:focus-visible,
menubutton:focus-visible,
checkbutton:focus-visible,
switch:focus-visible,
entry:focus-visible,
searchentry:focus-visible,
spinbutton:focus-visible {
outline-width: 3px;
}
row:focus-visible {
outline-width: 3px;
}
.status-badge,
.status-badge-with-icon {
border: 1px solid currentColor;
}
.compat-warning-banner {
border: 2px solid @warning_bg_color;
}
}
/* ===== Reduced Motion (WCAG AAA 2.3.3) ===== */
/* Note: GTK CSS does not support prefers-reduced-motion or !important.
Reduced motion is handled by the GTK toolkit settings instead
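
Review bot: The removed `@media (prefers-contrast: more)` block raised focus outlines to 3px and gave .status-badge a border, and its header cited WCAG AAA 1.4.6; after this hunk nothing in the visible stylesheet records how high contrast is handled. Follow the pattern of the reduced-motion comment that stays: leave a short comment saying where high-contrast and dark-mode adjustments now live, or, if they live nowhere, track that as an open accessibility item.
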